Rooted Plesk, OpenSSH boxes sold on forum

By on
Rooted Plesk, OpenSSH boxes sold on forum

Credentials for sale.

Researchers have discovered an online store where criminals sell access to hacked servers

Server admin credentials were being trafficked on the SSH–Zone site and could be used to distribute malware or run botnet command-and-control servers.

The online shop sold admin information for Plesk and OpenSSH running on hacked Linux servers and amassed credentials using an automated cracking method, AlienVault researcher Alberto Ortega reported.

Screen shot: Darren Pauli

Researchers believe that Russian attackers were behind the operation due to the written language in the site.

A report by 41st Parameter said stolen credentials were often “packaged in a standardised format” and later used to further extract information from victims through spear phishing campaigns.

This article originally appeared at

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?